diff options
| author | Roeland Jago Douma <rullzer@users.noreply.github.com> | 2019-05-17 10:57:18 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-05-17 10:57:18 +0200 |
| commit | f9d30b946fc8c135cbf833233ced3a5a002f01e0 (patch) | |
| tree | c97ebb033e21c944dc6ddf1d93f692a0d2ba8755 | |
| parent | 0857d92a58a29b6b09855df377282ff8623305b7 (diff) | |
| parent | 2dcb4cfbd644babf0ee202b4489689d882ae1dd3 (diff) | |
| download | nextcloud-server-f9d30b946fc8c135cbf833233ced3a5a002f01e0.tar.gz nextcloud-server-f9d30b946fc8c135cbf833233ced3a5a002f01e0.zip | |
Merge pull request #15590 from nextcloud/enh/15480/delete_apptoken_ocs_endpoint
Allow clients to delete their own apptoken
| -rw-r--r-- | core/Controller/AppPasswordController.php | 23 | ||||
| -rw-r--r-- | core/routes.php | 1 | ||||
| -rw-r--r-- | tests/Core/Controller/AppPasswordControllerTest.php | 57 |
3 files changed, 81 insertions, 0 deletions
diff --git a/core/Controller/AppPasswordController.php b/core/Controller/AppPasswordController.php index a858bb025d9..01ca1e2597b 100644 --- a/core/Controller/AppPasswordController.php +++ b/core/Controller/AppPasswordController.php @@ -24,6 +24,7 @@ declare(strict_types=1); namespace OC\Core\Controller; +use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Token\IProvider; use OC\Authentication\Token\IToken; use OCP\AppFramework\Http\DataResponse; @@ -115,4 +116,26 @@ class AppPasswordController extends \OCP\AppFramework\OCSController { 'apppassword' => $token ]); } + + /** + * @NoAdminRequired + * + * @return DataResponse + */ + public function deleteAppPassword() { + if (!$this->session->exists('app_password')) { + throw new OCSForbiddenException('no app password in use'); + } + + $appPassword = $this->session->get('app_password'); + + try { + $token = $this->tokenProvider->getToken($appPassword); + } catch (InvalidTokenException $e) { + throw new OCSForbiddenException('could not remove apptoken'); + } + + $this->tokenProvider->invalidateTokenById($token->getUID(), $token->getId()); + return new DataResponse(); + } } diff --git a/core/routes.php b/core/routes.php index 1544fd67e07..073352c4421 100644 --- a/core/routes.php +++ b/core/routes.php @@ -102,6 +102,7 @@ $application->registerRoutes($this, [ ['root' => '/core', 'name' => 'WhatsNew#get', 'url' => '/whatsnew', 'verb' => 'GET'], ['root' => '/core', 'name' => 'WhatsNew#dismiss', 'url' => '/whatsnew', 'verb' => 'POST'], ['root' => '/core', 'name' => 'AppPassword#getAppPassword', 'url' => '/getapppassword', 'verb' => 'GET'], + ['root' => '/core', 'name' => 'AppPassword#deleteAppPassword', 'url' => '/apppassword', 'verb' => 'DELETE'], ['root' => '/collaboration', 'name' => 'CollaborationResources#searchCollections', 'url' => '/resources/collections/search/{filter}', 'verb' => 'GET'], ['root' => '/collaboration', 'name' => 'CollaborationResources#listCollection', 'url' => '/resources/collections/{collectionId}', 'verb' => 'GET'], diff --git a/tests/Core/Controller/AppPasswordControllerTest.php b/tests/Core/Controller/AppPasswordControllerTest.php index a66bcb3fc26..a7be7a90b09 100644 --- a/tests/Core/Controller/AppPasswordControllerTest.php +++ b/tests/Core/Controller/AppPasswordControllerTest.php @@ -24,9 +24,11 @@ declare(strict_types=1); namespace Tests\Core\Controller; +use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Token\IProvider; use OC\Authentication\Token\IToken; use OC\Core\Controller\AppPasswordController; +use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\OCS\OCSForbiddenException; use OCP\Authentication\Exceptions\CredentialsUnavailableException; use OCP\Authentication\Exceptions\PasswordUnavailableException; @@ -187,5 +189,60 @@ class AppPasswordControllerTest extends TestCase { $this->controller->getAppPassword(); } + public function testDeleteAppPasswordNoAppPassword() { + $this->session->method('exists') + ->with('app_password') + ->willReturn(false); + + $this->expectException(OCSForbiddenException::class); + + $this->controller->deleteAppPassword(); + } + + public function testDeleteAppPasswordFails() { + $this->session->method('exists') + ->with('app_password') + ->willReturn(true); + $this->session->method('get') + ->with('app_password') + ->willReturn('myAppPassword'); + + $this->tokenProvider->method('getToken') + ->with('myAppPassword') + ->willThrowException(new InvalidTokenException()); + + $this->expectException(OCSForbiddenException::class); + + $this->controller->deleteAppPassword(); + } + + public function testDeleteAppPasswordSuccess() { + $this->session->method('exists') + ->with('app_password') + ->willReturn(true); + $this->session->method('get') + ->with('app_password') + ->willReturn('myAppPassword'); + + $token = $this->createMock(IToken::class); + $this->tokenProvider->method('getToken') + ->with('myAppPassword') + ->willReturn($token); + + $token->method('getUID') + ->willReturn('myUID'); + $token->method('getId') + ->willReturn(42); + + $this->tokenProvider->expects($this->once()) + ->method('invalidateTokenById') + ->with( + 'myUID', + 42 + ); + $result = $this->controller->deleteAppPassword(); + + $this->assertEquals(new DataResponse(), $result); + } } |